

User purchase 
movie 


^ 14 
*^ 




SS(plaintext) 



Print 
DK(optional] 

19 



Purchase Movie? 
(yes/no) 



/ 



Point of Sale 
Terminal 



Fig. 2 



RECEIVING AN ENCRYPTED SHARED SECRET [Hash{RP.SS)] FROM A DEVICE 
OVER AN INSECURE COMMUNICATION CHANNEL 


T 26 








TRANSMITTING AN ENCRYPTED FILE TO THE DEVICE 


' 28 








RECEIVING THE SHARED SECRET IN PLAINTEXT FORM. OVER A SECURE 
COMMUNICATION CHANNEL 


T 








RECEIVING AUTHORIZATION TO PROCEED (E.G. PAYMENT CONFIRMATION) 










TRANSMITTING A DECRYPTION KEY (DK) FOR DECRYPTING THE ENCRYPTED 
FILE .THE DECRYPTION KEY BEING ENCRYPTED USING THE SHARED SECRET 


T 34 



Fig. 3 



SEND RP AND HASH (RP. SS) 



J 



RECEIVE EMF 




RECEIVE URP. SS) (DECRYPTION KEY (DK))] 



DECRYPT [{RP, SS} (DK)] 


46 






47 


DECRYPT THE DOWNLOADED FILE 








/ 48 

/ 






/ 


SEND ACKNOWLEDGMENT OF DK RECEIVED IN THE FORM: SS[DK+1] 





Fig. 4 



SEND LIST OF AVAILABLE ACCESS POINTS TO PDA 



ALLOW THE PDA TO BIND ITSELF TO ONE OF THE ACCESS POINTS AND f 
ASSIGN IP ADDRESS TO THE PDA 



RECEIVE ENCODED RANDOM PLAINTEXT (RP) AND SHARED SECRET 
<SS) AS HASH(RP.SS) AND STORE IN TABLE 



SELECT AN ENCODED MEDIA FILE <EMF) AND CORRESPONDING | 
ENCRYPTION (EK) AND DECRYPTION <DK) KEY ASSOCIATED WITH THE f 
RECEIVED ENCODED SS j 



SEND EMF 



RECEIVE HASH[SS. CHECKSUM(EMF)] FROM THE PDA. ONE FOR EACH 
SS ASSOCIATED WITH THE PDA 



RECEIVE VIA A SECURE CHANNEL AN SS USED BY THE USER. IN 
PLAINTEXT FORM. ASSOCIATED WITH THE PDA 



COMPUTE [RP. HASH(RP.SS)] AND COMPARE TO RECEIVED [RP. HASH 
(RP. SS)} TO IDENTIFY CORRESPONDING EMF 



COMPUTE HASH [SS, CHECKSUM(EMF)] FOR IDENTIFIED EMF 



52 



56 




COMPARE THE COMPUTED HASH VALUE TO VA 
RECEIVED FROM PDA, STORED IN THE TABLE. 
MATCH FOUND? 



YES 



END SESSION ) 







END TRANSACTION 


NO _ 





PROMPT USER TO ACCEPT AND/OR PAY FOR DOWNLOADED CONTENT 

JZ 



USER ACCEPTS PURCHASE? 



SEND ENCODED DECRYPTION KEY (DK): [RP. SS(DK)] 



Fig. 5 



66 



RECEIVE ACKNOWLEDGMENT OF RECEIVED DK 



78 



82 



RECEIVE PLAINTEXT SHARED SECRET (SS) 
FROM USER 



SEND PLAINTEXT SHARED SECRET TO FILE 
SERVER 



RECEIVE FILE DOWNLOAD COMPLETION 
CONFIRMATION FROM THE CONTENT SERVER 




Fig. 6 



112 



118 





PDA_ 






ss_A1 




ss_A2 




SS_A3 


ss_A4 


1 rp_A | | ip_Aj 



) 

K 



PDA_B 



SS_B1 
SS_B2 
ss B3 



,i r P _B irjp3n 

' 120 » 108 



114 





T EMF 


DK 


w ek1 


^emfl 


dk1 




T^enjf2 


dk2 


ft" 




A* 




^emfN 


; dkN 



* 96 



Content Server 



, 98 





HASH(RP.SS) j^EK 1 


£ASH(SS, CHECKSUM(EMF))^PAiD 




^hash_ss_A1 f^ekl 


^ hash_cs_A1 ]C* n0 


I^JP-A ^hash_ss_A2 1 


^ek1 


i 

^ hash_cs_A2 y^no 


^-A jt^P- A t^hash_ss_A3 1 


^ek1 


^ hash_cs_A3 ^ 


^yes 


fjp_A jtJP_A ^hash_ss_A4 1 


[^ek1 


^ hash_cs_A4 i 




irjp_B jtJP- 8 T - riash_ss_B1 i 


r^ek2 


^ hash_cs_B1 1 


^yes 


^Mp_B 




^hash_ss_B2 \ 


^ek2 


^ hash_cs_B2 i 






UP--B ' 


r^hash_ss_B3 ^ 


m ek2 


^ hash_cs_B3 


r^no 




f 


r 


r* 


r 






T^p_n 


r^hash_ss_N1 


r^ekN 


^ hash_cs_N1 i 


r^yes 




t^p- N 


^hash_ss_N2 


U ekN 


hash_cs_N2 




1*- N 


T^P_N 


rJ-jash_ss_N3 ^kN 


^hash_cs_N3 


r^no 



100 



102 



PDA_N 



SS 


N1 


ss_ 


N2 


ss. 


_N3 



rp_N 



122 



116 



Fig. 7 







7 










8 


/ 

/ 

r 




\ 






✓ 9 




Payment 
Server 












o- 




Point of Sale 
Terminal 





